Linux, how to run processes with a different views of the file system

I need to run multiple instances of a process with different configurations. However this process is hard coded to read the configuration from a particular file (needless to say its closed source). Also the process periodically writes the configuration back to the file.

I have tried launching the process using a script after moving the correct config file for that instance but this fails because the instances overrides the config file in place for each other.

Essentially I need an equivalent of launching with different environments but at the file system level

EDIT: Each process runs as an independent user but looks for a configuration file at a common location Thanks

eskhool

Posted 2017-11-28T11:12:59.543

Reputation: 183

Put it into Docker container? This is not as efficient as namespaces, but is very easy to do. – wvxvw – 2017-11-28T13:41:37.637

Answers

Have a look at namespaces, in particular for mounts. You may need to replicate the root filesystem, so also have a look at overlays FS and/or binding mounts.

Another option is to use LD_PRELOAD and hijack the open call, so you can replace the config file (or other files) with the paths you want.

The userspace tool is called unshare, so you do something like

$ mkdir dir1
$ mkdir dir2
$ touch dir1/foo.conf
$ touch dir2/foo.conf
$ rm conf/foo.conf
$ sudo unshare -m /bin/bash
# mount --bind dir1 conf
# su your_userid
$ ls conf
foo.conf

and similarly for dir2 etc. Skript as required.

dirkt

Posted 2017-11-28T11:12:59.543

Reputation: 11 627

Are there any userspace tools to mount namespaces? I have been googling all over without much luck...if you could add some detail on how to do this in the answer (ubuntu 16.04 if it matters) that would be great – eskhool – 2017-11-29T07:00:03.063

I also tried using a bindfs ...fusermount solution since each process is run by a different user but the common location becomes inaccessible to the other user – eskhool – 2017-11-29T07:02:21.627

Depending on the program you could set each instance up in it's own (chroot) jail - you might need to use bind mounts to allow it to access common parts of the system as well.

A chroot jail creates a virtual root in a directory (typically using the chroot command). Bind mounts can be used before creating the jail to make a copy of parts of the filesystem visible as subdirectories of the rooted jail directory.

Another alternative would be to use some kind of virtualization - I believe Docker containers would fo what you want (but I have not played much with them). Certainly KVM could do it, but it found like it would be much too big - ie a full vm per instance - to make it practical.

davidgo

Posted 2017-11-28T11:12:59.543

Reputation: 49 152

chroot sounds like overkill for the requirement and virtualization like docker and all even more so...have played with all the above but would involve a lot of binding of common resources to make the process do its normal functions ...like using a cannon to kill a fly :) – eskhool – 2017-11-29T07:05:04.200